SAN FRANCISCO -- When it comes to the state of U.S. national cybersecurity, how far can the government go to enhance it? How far should it go? The answers to those questions were up for debate by a panel of security experts here at the RSA Conference this week. Richard Clarke, a White House advisor to the last three presidents on security and other issues, was the most vocal panelist in describing a persistent threat to U.S. security. 

    As utilities around the world have initiated major smart grid infrastructure upgrades over the past several years, cyber security has become a critical priority. Security measures are designed to protect the electrical grid from attacks by terrorists and hackers, as well as strengthening its resilience against natural disasters and inadvertent threats such as equipment failures and user errors

     Missing laptops and other security lapses are unfortunately commonplace in the health care industry today…and causing serious damage to the reputation and bottom line of organizations like yours. Increased fines and penalties under the HITECH Act, coupled with the Obama administration’s zeal to recover billions of dollars from its enforcement efforts, may soon transform simple IT lapses into living nightmares for health care entities.

     Security researchers have demonstrated a gaping security hole in Chip and PIN credit card authorisations which undermines trust in the technology as a means to verify retail purchases.

      Secretary of State Hillary Clinton has commendably warned states, terrorists and their proxies that America will protect its computer networks. To do so, however, the federal government must do much more to reach out to the private sector, which controls the vast majority of U.S. critical infrastructure, from banks to communications to energy.

In the following report by ICANN, you can see how the whole global Botnet service operates globally.

You will learn how anyone, even those without the skills to create a Botnet, can still hire their services.

Fast and Double Flux Attacks 2
Version 1.0 January 2008
Introduction
"Fast flux" is an evasion technique that cyber-criminals and Internet miscreants use to evade identification and to frustrate law enforcement and anticrime efforts aimed at locating and shutting down web sites used for illegal purposes.

Fast flux hosting is an application of technology that supports a wide variety of cyber-crime activities (fraud, identity theft, online scams) and is considered one of the most serious threats to online activities today.

Basic fast flux hosting uses rapid modification of IP addresses associated with a system that hosts a malicious activity to evade detection and take down efforts.

This technique is also used to rapidly modify the IP addresses of the name servers that resolve the domain names of the fluxed malicious hosts (this variant is sometimes called NS fast flux).

A particularly troublesome variant of fast flux hosting, "double flux",
fluxes addresses of both name servers and malicious (web server) hosts.

This Advisory describes the technical aspects of fast flux hosting and fast flux service networks.

It explains how the DNS is exploited to abet criminal activities that employ fast flux hosting, identifying the impacts of fast flux hosting, and calling particular attention to the way such attacks extend the malicious or profitable lifetime of the illegal activities conducted using these fast flux techniques.

It describes current and possible methods of mitigating fast flux hosting at various points in the Internet. The Advisory discusses the pros and cons of these mitigation methods, identifies those methods that SSAC considers practical and sensible, and recommends that appropriate bodies consider policies that would make the practical mitigation methods universally available to registrants, ISPs, registrars and registries (where applicable for each).

Somewhere in St. Petersburg, Russia's second city, a tiny start-up has struck Internet gold. Its dozen-odd employees are barely old enough to recall the demise of the Soviet Union, but industry analysts believe they're raking in well over $100 million a year from the world's largest banks, including Wells Fargo and Washington Mutual.

Their two-year rise might be the greatest success story of the former Eastern Bloc's high-tech boom - if only it weren't so illegal. But the cash may be coming from your bank account, and they could be using the computer in your den to commit their crimes.

A married couple accused of running a global Internet identity theft and credit card fraud scheme have postponed applications for bail until next week, the Manhattan district attorney's office said Thursday.

The couple, Vadim Vassilenko, 40, and Yelena Barysheva, 42, are in prison after pleading guilty in September 2006 to running an unlicensed check cashing and money transfer business in New York.

"If we lose the Internet, we do not simply lose the ability to e-mail or to surf the Web. We lose access to our data. We lose our connectivity. We lose our intellectual property. We lose our security.

If there were any questions that the current generation of spammers and hackers have dug in for the long haul, events in the past few weeks should eliminate them. Botnet operators and spammers are continuing the evolution of their networks and techniques to ensure that their messages continue to arrive in our inboxes.